Business risks in 2013

As you enter 2013, what are the biggest threats to your business? A report by a leading risk prevention consultancy has some ideas.

Supply-chain fraud

The UK’s National Fraud Authority estimates the amount of money businesses are being losing to fraud has doubled every year for the last three years. And it looks set to increase, if the people at Riskill aren’t pulling a fast one themselves.

In a recent report, the risk consultants claim the biggest trend in the coming year will be the surge in supply-chain fraud. They warn that squeezed suppliers may resort to cheating by using IT systems to cover their tracks. This could range from skimming off the top with weights and measures, through to credit-based fraud.

“The fraud prevention market is braced for a repetition of this trend with an increase in the estimate of fraud losses expected again,” it concludes.

Cyber crime

Millions of automated attacks are aimed at banks and retailers every day. Most will be snared by security systems, but it only takes one to get through and wipe out your balance book.

Bill Trueman, managing director of Riskill, says some of the biggest threats still come from old-fashioned attacks using simple identity theft to gain usernames and passwords. This is either achieved through computer ‘sniffer’ systems coded to guess passwords, viruses sent to the victim’s computer, or through manual blagging to attain records over the phone or in person.

For businesses involved in online trading, the dangers of being defrauded increase with the number of platforms used to trade. The rising number of companies who offer goods and services via smartphone apps and contactless payment systems (Near Field Communication) such as Google Wallet, while reaping the benefits of customer convenience, are stepping into a potential security minefield.

During the London Olympics, security giant McAfee warned that the contactless payment systems being offered to athletes on their Samsung phones was wide open to fraud. “When we last looked at NFC phones and similar apps, there were questions of whether an attacker could go after the apps or the phone hardware and the Android operating system,” wrote McAfee’s mobile security researcher Jimmy Shah.

Reputational damage

This is a strange one, although we know why the people at Riskill have included it. Where is definitely a reputational risk to businesses on social media – smear campaigns from disgruntled employees and customers, such as the recent backlashes against McDonalds, Snickers and more – the solution is simple and decidedly low-tech: don’t give your customers or employees anything to be disgruntled about.

But Mr Trueman says companies can take further steps to cover themselves: “Many companies are getting staff to sign new contracts that include twitter, email and other social network clauses. They are trying to improve the understanding of the serious risks that the staff and their employers can face. But also to make disciplinary action and/or tracking and investigation easier when problems exist.”